aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--wqflask/wqflask/decorators.py26
1 files changed, 24 insertions, 2 deletions
diff --git a/wqflask/wqflask/decorators.py b/wqflask/wqflask/decorators.py
index f6e3eb8a..54aa6795 100644
--- a/wqflask/wqflask/decorators.py
+++ b/wqflask/wqflask/decorators.py
@@ -1,14 +1,36 @@
"""This module contains gn2 decorators"""
from flask import g
+from typing import Dict
from functools import wraps
+from utility.hmac import hmac_creation
+
+import json
+import requests
def edit_access_required(f):
"""Use this for endpoints where admins are required"""
@wraps(f)
def wrap(*args, **kwargs):
- if g.user_session.record.get(b"user_email_address") not in [
- b"labwilliams@gmail.com"]:
+ resource_id: str = ""
+ if kwargs.get("inbredset_id"): # data type: dataset-publish
+ resource_id = hmac_creation("dataset-publish:"
+ f"{kwargs.get('inbredset_id')}:"
+ f"{kwargs.get('name')}")
+ if kwargs.get("dataset_name"): # data type: dataset-probe
+ resource_id = hmac_creation("dataset-probeset:"
+ f"{kwargs.get('dataset_name')}")
+ response: Dict = {}
+ try:
+ _user_id = g.user_session.record.get(b"user_id",
+ "").decode("utf-8")
+ response = json.loads(
+ requests.get("http://localhost:8080/"
+ "available?resource="
+ f"{resource_id}&user={_user_id}").content)
+ except:
+ response = {}
+ if "edit" not in response.get("data", []):
return "You need to be admin", 401
return f(*args, **kwargs)
return wrap
generated by cgit v1.2.3 (git 2.44.0) at 2024-10-19 19:14:57 +0000